Simple Approach of Negative Testing
Contributor: Abdul Hamid, Software Engineer, Nascenia
The primary goal of software testing team is to release quality product of an organization. Test team attempts to find maximum defects and bugs during test phases so that end users or client will not see any major abnormalities in UAT testing or production environment. They design test scenarios to make sure it will cover basic functionalities as well as abnormal or weird scenarios.
Normally test team should aware of several types of testing such as functional, unit, integration, regression, performance, security, alpha, beta testing etc. However, all these categories are primarily divided into two category, Positive Testing and Negative Testing.
Determines that application works as expected behavior. If an error is occurred during positive testing, corresponding test case will be failed.
It ensures that application can carefully handle invalid input or unexpected user behavior. For example, if a user tries to type a letter in a numeric field, the correct behavior in this case would be to display the “Invalid data type, please enter a number” message. The purpose of negative testing is to detect such situations and prevent applications from crashing and major validation and verification failure. Also, negative testing helps us to improve quality of application and find it’s weak points.
Typical Negative Testing Scenarios
Below are several possible examples of such situations:
1. Mandatory Data Entry
Some fields are mandatory to submit a form in web or desktop application. Software tester should try to submit it through bypassing one or more mandatory fields.
2. Field Type Test
Software specification indicates different fields of several data type. For example: date fields, numeric fields, phone numbers, zip codes, etc. Alphabetic should not allow numeric values, numeric values should not allow alphabetic or special characters, date fields should require a valid date, etc. Tester should test alphabetic field by numeric values, numeric fields with alphabetic, date fields with numeric or alphabetic and so on.
3. Field Length Test
Software specification mentions maximum and minimum length of each field. And there should have validation checking of their maximum and minimum length. Testing team should check each field larger than maximum length and smaller than minimum. For example, if specification mentions a maximum length of a text input field is 32 characters then tester should test it with 33 characters. Similarly if minimum length is 6 characters then testers should test it by 5 characters.
4. Boundary Values Test
Boundary Value Analysis technique allows to identify appropriate number of input values. For example, a numeric text field accepts a value from 10 to 100. So, testing team should test it outer than its boundary values. They should test it by 101 and 9 i.e. maximum of its higher boundary and minimum of its lower boundary value.
5. Date Validity
It is important to ensure that invalid dates are not allowed (31/09/2015 is an invalid date). Testers also should check for leap years. For example, February month couldn’t be in 29 days if the year is not leap year.
6. Embedded Single Quote
User can store information with single quote for alphanumeric data in SQL based systems. This can generate issues. Testers should test different input fields with a text that contains one or more single and double quotes.
7. Web Session & Cookies Testing
Cookies are small text file which gives ID tags that are stored our computer’s browser directory or program data. To maintain session cookies are used. Testing team should test the application by enabling or disabling the cookies in browser options.
8. Performance Changes with Stress and Concurrent Testing
Testing team should test performance testing besides its functional testing:
Important performance testings are:
- Load testing
- Stress testing
- Concurrent testing
For example, a get or post request works successfully for single request but application is hanged after certain time for huge request. So, tester should find out the exact point for which it can take maximum request and the point for it crashed or failed to send responses. Testing team also test its behavior for concurrent request.